46 Cans of Ravioli
"how do you fix the thing without doing the thing that fixes the thing?" - bigkahuna360, 2019
I’d agree if the security log didn’t show that there was a logon process and several dozen ownership processes within 30 seconds.
Windows 10 does maintenance, defragmenting and stuff in the background when you don't use the computer for some time. It stops doing it when the computer is used again, like moving the mouse. This can cause pretty high CPU usage for 1 core sometimes.
Gotcha, biggest issue I have is that the amount of important files is in excess of 300GB without enough space to back up elsewhere.
You'd likely end up stuck in a never-ending chase of delete the file, & purge the virus.
bleepingcomputer has a 3rd party tool that supposedly forces all running stuff to quit, making AV more effective at finding & removing, but typically I reformat anything this infected. Especially if it's an employer, or customer related.
I.e., if you brought this to me, I'd salvage important data (docs, pdfs, xls), reformat, confirm the data I removed is clean, then put it back on.
I wish I had the money for a new NVMe drive. This 512 is too small now.
It's just that Event 4624: Logon, Event 4672: Special Logon, Event 4798: User Account Management, Event 4799: Security Group Management, all multiple times in the same minute and repeated every 10 to 15 minutes is normal Windows operation.
I've got endless pages of them already, and I downloaded the latest Windows media creation tool direct from Microsoft 12 hours ago and put a clean Windows onto a brand new NVMe drive.
When you do the clean install thinking you've fixed it, you're probably going to see exactly the same things in Event Viewer > Security.
Which events do you think shouldn't be there? And how have you determined that they shouldn't be there?